NHS Hit by Cyber Attack

Under Cyber Attack ! (update)

The the National Health Service has declared a major incident as the ransomeware attack, which started just after lunch today spreads across the service.

Tech experts are now battling to fix the problem, but computers at walk-in centres, hospitals, and at GP surgeries have been taken offline and patients have been urged to avoid them ‘unless absolutely necessary’, and should call 111 for triage and medical advice.

GP and hospital appointments already arranged for this afternoon are still being held, it is understood, but new appointments cannot be made. However, the extent of the attack has not been limited to the UK or NHS as reports come in of other organisations across the globe also being attacked.

What is this Ransomware? In this case it’s suggested to be WannaCryptor, description below from enigmasoftware.com:

The WannaCryptor Ransomware is being distributed as a bogus messaging program that is being sent to victims through corrupted email messages. Once the WannaCryptor Ransomware encrypts the victim’s data, it will identify the files that have been encrypted by adding the file extension ‘.wcry’ to the end of each file’s name.

The WannaCryptor Ransomware also will delete the Shadow Volume Copies of affected files, preventing computer users from using this recovery method to recover the files.

The WannaCryptor Ransomware delivers its ransom note by changing the infected computer’s desktop wallpaper image. The desktop image will be contained in a BMP file named ‘!WannaCryptor!.bmp’ and will display the following message for the victim: ‘Ooops, your important files are encrypted. If you see this text, but don’t see the “Wanna Decryptor” window, then your antivirus removed the decrypt software, or you deleted it from your computer.’